Trojan Terror

I had to download a program to open rar files. A simple thing. I even downloaded the same program I used to have on my old computer (this comp is only a month old)....but apparently someone decided to put the virus into this legit program and place it back on the net.
So I have been offline for the last two days and now I have to reinstall everything all over again.

Such a PITA.....all because some idjit thinks it's fun to write something that will damage computers.

Comments

Fun ... or profitable.

Virus-writing is no longer recreation, it's business, and it's a business that involves organized criminals and a whole bunch of other unpleasant folks. The goal is to get your computer working for them rather than you, and there's big money involved.

I like to think that there's a special circle of Hell reserved for these people.

I feel your pain. Had to do the same thing last week on account of a bit of spyware that came wrapped around a legit video player I downloaded from an equally legit, apparently trustworthy source. Even though my anti-malware programs detected and removed it, the damage was already done. Worse, it cost me a really big repair bill as I didn't know what was wrong with the computer -- it acted as though there were hardware problems when there weren't and unfortunately only the hardware and tech support for that was covered by my warranty. Software support, two external hard drives 'cuz I had to back everything up *fast* before everything died on me and finally a fix from Dell cost me the price of a new machine. Right now I am still putting everything back together on my system and praying to whatever Vengeance Deities there may be to blast whichever giant humanoid turd is responsible for "Incredibar". Tar and feathers just won't cut it, a good old fashioned smiting of Biblical proportions is what these virus makers and "script kiddie" criminals deserve.

It's a good idea, but sometimes you can only get nice independent programs - like IrfanView, JDirStat, or other simple-interface programs that provide wonderful utilities - from the web sites of their creators, which may be more vulnerable to hacks (or just not watched that closely). Firefox claims it's scanning for viruses when I download items, but I suspect it may not be that accurate about that.

Sorry to hear that. Which program was it, and where did you download it, by the way? I find drive-by Malware downloads are a serious problem these days, which is why I usually browse with scripts and plugins blocked.

The guy in the shop loaded WinRAR on for me and told me to never download that other program again LOL
They were actually good to me, most of the work was still under warranty. They just charged me for a reinstall of my OS (which was about 1/3 of what they really should have charged, because they did a full cleaning on my machine)

Hate that I am going to miss almost a week of work though because of this (maybe only half a week...if I get all my installing done tomorrow...but I won't hold my breath)

There is a minor problem with most AV software these days...it tends to err on the side of 'everything is infected', so there is time spent disinfecting a clean system and time spent worrying if you got everything cleaned up. Often various system tools/utilities (especially those that deal with network monitoring and 'in depth' security tools) are flagged like this.

The downside is, if 'everything' is a threat then, people tend to become desensitized so when something really happens, they are caught by surprise.

It's always best to get at least one 'second' opinion on a suspect file...if not more than one. No single AV package is 100% against everything out there. (On the other hand, running multiple AV apps at the same time is a recipe for disaster.)

Oh, mine was definitely infected. The last bits of it were hiding in Internet Explorer's registry settings. Even though I don't use that browser it comes with Windows and apparently you can't uninstall the damn thing. Needless to say the first thing I did after getting Win7 up and running again was to disable IE just as soon as I got Chrome and Firefox.

Good for you to find them in the Internet Explorer registry, because mine was infected 7 times last week and I had to delete the whole system 7 times. Guess where I found them? In my ZBrush 3 folder, and I don't even know how the heck they came there!
But now I am pretty sure that nothing will hit me again. You fool me once, shame on you. You fool me 7 times, I will kill you. And beware of nova site: it takes a long, long, very long time to download and 50% are all infected. My whole hometown is infected with a new virus called "h4d";
I never heard of it before. I was going to upload a pain in the ass virus to free download sites but I was afraid to hurt people just like us......
But I give you my word that all those infection geeks will fall down someday; maybe we will be their replacements.
See around mates.

Oh I was definitely infected. The bugger dug its way into my root sectors and prevented the computer from booting properly.

I usually have a couple virus detectors running on this machine, so it is hard to get infected. The only thing with this one was that I was not paying too close attention to where I downloaded this program from, and it came from a site that I didn't know.
So I really can't blame anyone but myself.
I am usually so paranoid about downloading stuff on this machine, because well...I make my living off of this machine, so when it's down....everything comes to a stop.

Recently I have found that the anti virus companies hire people to write viruses. I think one of the main companies doing so is AVM and StopZilla but that is just my opinion.

Yeah, same thing happened to me last month or the month before. I was looking for a program that I used to use to convert video files. And yeah, I had downloaded the same program from the same website I used to get it from.

This wiped out my entire hard drive, but I always keep my content and files on a secondary drive and I always have an Ubuntu disk to access my drive and back up whatever I missed. So it does not take me long to get back up and working again.

I use
MalwareBytes
Super Anti Spyware
Avira Antivirus
RKill is an amazing program and I use it as my last resort

Stopzilla NEVER was a legit antivirus company...they have ALWAYS been considered, at best, rogue. They are the originators of the 'free scan, pay to clean' scam.

Anyone making their living with their computer should follow a couple simple steps.

1) keep the OS/programs on a separate drive from any Data
This allows wiping the OS/Program drive without wiping the data and facilitates the following:

2) Always make an image of the system immediately after loading the system, updating it, loading any main programs used, and any basic customization. *Do this before using the system or going out on the internet any more than necessary to update/activate software. Acronis is relatively straightforward. I recommend making a secure zone on the hd and doing an optical image. The secure zone on the system makes it easy to recover the system, the optical image is your failsafe in case the secure zone becomes damaged or infected. This image should not include any data. Never update the image unless you first restore from the image and then update the system. This prevents infecting the image inadvertently. Use the built-in MS Restore Points to do quick and dirty saves of the system state in between imaging.

2b) Test all images to a blank hd if possible. It sx to find out that they don't work or that you don't know how to recover from them after a crash. We are not our best in bad situations so we want to be as capable of recovering without too much thinking and we want to know it will work.

3) Only store data on the data drive and back it up as often as one doesn't want to lose stuff. For some of us that could be multiple times a day.

* The industry is blurring the line between images and backups, using the terms interchangeably. This is unfortunate as they are *not* the same, and doing so encourages bad practices and misunderstanding. Images are the system, backups are the data. Keep them separate for your own sanity.

** I say separate drives but actually the point is separate partitions, it can be on the same physical drive. Separate physical drives do offer minor advantages.

*** Don't think fancy mirroring systems will help you. These only protect against hardware failure, which is much more rare than software corruption or infection. Unless one is a production facility with multiple employees, mirroring is not the answer, imaging and backups are. Mirroring doesn't negate images and backups, it simply adds another layer of protection for production houses that isn't cost effective for most small shops.
--------------------------------------------------------------------------------------------------------------

And sorry to hear of your loss RawArt. I know this doesn't help after the fact, but I figured since you just rebuilt your system it might come in handy.

I say fight fire with fire for those dung heads. That would teach them a lesson or two when their own systems got borked. That whole Christian attitude of turn the other cheek does not work here. Beat the living hell out of them and destroy them any way possible. Sorry you went through this RAWN!

To add...two backups are better than one. Especially for critical data...ideally one should be 'off site'.

Multiple backups are good and so is offsite (bank safety deposit boxes work well for this.) However, making any system more complex than what one is willing to keep up is detrimental. Find what you are willing to maintain and do that. It can be more important to be consistent than doing many levels that aren't properly maintained. We have to be realistic with how much time and energy we are willing to devote to this. What I mentioned is what we should consider 'necessary' if making our living doing this.

Also, as we get in the habit of doing basics, we can add something like adding another weekly or monthly backup that we drive out to a bank safety deposit box.

I forgot, now we have the option to do internet backups as an offsite backup. There are various caveats to this, but the main one I would mention is encrypting if we have anything that we don't want to risk being stolen. It may be overkill for many but it is worth thinking about. If we encrypt, what I recommend is to have encryption software on the computer and encrypt before uploading to the backup site as we are in control of the process this way.

Anyone making their living with their computer should follow a couple simple steps.

1) keep the OS/programs on a separate drive from any Data
This allows wiping the OS/Program drive without wiping the data and facilitates the following:

2) Always make an image of the system immediately after loading the system, updating it, loading any main programs used, and any basic customization. *Do this before using the system or going out on the internet any more than necessary to update/activate software.

I'll second that - always do this myself.

2b) Test all images to a blank hd if possible. It sx to find out that they don't work or that you don't know how to recover from them after a crash. We are not our best in bad situations so we want to be as capable of recovering without too much thinking and we want to know it will work.

Or use Image for DOS - it has byte-for-byte verify both on creating and restoring images, which means you can be sure the restored system is 100% identical to the system the image was made from. It's also a very stable and reliable program - I've created and restored hundreds of images on several machines with it over the last 6 years and never had a single error.

3) Only store data on the data drive and back it up as often as one doesn't want to lose stuff. For some of us that could be multiple times a day.
Also a very good idea. For Windows I can recommend Second Copy for backup. It can even back up to a remote FTP server if you like: